How GCOM’s Decentralized Identity Solution Compares to Existing Digital ID Solutions

How GCOM’s Decentralized Identity Solution Compares to Existing Digital ID Solutions

Think about the last time you had to provide your driver’s license for a simple transaction – like checking into a hotel. Imagine that you were required to provide not just your license, but your social security number, income tax history, birth certificate and marriage certificate.

Sounds crazy, right? Why would you give them any more than what was necessary to complete your transaction?

And yet, agencies, retailers, and other places we do business with every day essentially have our entire wallets in digital form. They’ve got our home addresses, emails, phone numbers, social security information, credit card data, and more–even if they don’t need all of it.

The differences between digital ID’s and GCOM’s Decentralized Identity for Government (DIG)

The advent of digital driver’s licenses and similar forms of digital IDs gives hope that this will change and that personally identifiable information (PII) will be better protected than it is today. But while there are important security features built into digital ID applications, they’re still mostly about convenience–allowing users and organizations to interact without the burden of plastic and paper.

For true data protection and information control, users and organizations should look to self-sovereign identity (SSI) solutions like GCOM’s Decentralized Identity for Government (DIG). DIG is the first SSI solution that is designed exclusively for the government. It leverages distributed ledger technology so government agencies can independently verify residents’ personally identifiable information (PII), including address, date of birth, and more, without storing or managing any of their data.

Unlike existing forms of digital identity, DIG can be used for more than identity verification. Residents can securely use DIG to share validated information about employment history, income, education, and an array of other important information.

DIG offers all the convenience and benefits of digital IDs, with some key differences that make it more scalable and secure:

Users share only the information they choose to share 

Our solution shifts control of PII to the individual, allowing people to share only what’s relevant for a particular transaction. Users can grant or revoke access to their PII as needed, preventing organizations from obtaining unnecessary information or accessing a person’s PII without their consent.

For example, a person applying for a fishing license may need to prove their age but not their residential address. Proof of their birthdate can be obtained through a simple QR code scan. No other information gets transferred to the fish and wildlife agency, allowing the user to maintain complete control over their PII.

PII isn’t stored by the agencies residents transact with

With DIG, no single entity holds an individual’s PII. Instead, PII is stored on a user’s smartphone and is usable everywhere. All user data is encrypted using military grade encryption both at rest and in motion.

Information is validated through a distributed public ledger (blockchain) and shared through unique, end-to-end communication channels that are virtually tamper-proof and inaccessible to anyone, including hackers.

As such, users’ PII becomes immune from the rising cyber attacks that have beset many government organizations. Instead of hacking a single database, exposing thousands of users’ PII, a hacker would have to hack millions of individual vaults—an unappealing task for even the most ardent cybercriminal.

The benefits DIG offers government organizations

 

Reduced identity fraud and theft

DIG helps agencies validate users’ identities quickly and accurately. Users’ credentials are immediately matched to issuer data contained on the distributed blockchain. This eliminates the need to cross-reference a person’s information across different databases and significantly reduces the likelihood that criminal enterprises will be able to commit fraud using stolen identities. It also helps mitigate identity fraud and, as no PII is exchanged, reduces concerns about violating laws like the Health Insurance Portability and Accountability Act (HIPAA).

Cybersecurity becomes more cost-effective

Since agencies are no longer storing vast amounts of PII for the residents that they provide services to, there’s little incentive for cyber attackers to hack into an agency’s systems. Thus, DIG can minimize the threat of ransomware payouts and reduce the hundreds of billions of dollars agencies spend on cybersecurity.

No need for information-sharing agreements

With the elimination of data sharing between agencies Memorandums of Understanding (MOU) or information agreements outlining data sharing guidelines become redundant. Agencies can simply focus on providing a great resident experience, rather than spending time and legal expenses haggling over the particulars of a MOU.

Improved customer service

DIG nullifies the need to verify every piece of information that comes in, which saves time for both residents and agencies. For instance, residents can verify that information they’ve already provided during a previous transaction is still relevant without having to enter it again. Agencies can provide residents with a pleasant and fast user experience and save administrative time that can be better spent focusing on answering people’s questions and other value-added tasks.

GCOM’s DIG is more than just another form of digital ID. It provides users with complete control over their data, is secure by design and highly resistant to breaches, and features a high level of interoperability. With DIG, security becomes stronger, transactions become easier, and residents literally keep their data in their own hands.